how to do this.

Question

niths -1 Posting Whiz in Training

14 Years Ago

i am new to php. can any one give some idea to do this.

i am having some users in the backend like superadmin,admin, user.
now the thing is that whenever i login as a superadmin i could see everyone profile.
Already i am logging in as a super admin so except superadmin details i should see all others profile.

<?php
ob_start();
?>
<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
    $con = @mysql_connect("10.70.1.50","invensis","invensis");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    $con=@mysql_select_db("database_myproject",$con);
    if (!$con)
    {
         die('Could not connect DB: ' . mysql_error());
    }
  $username=$_POST['username'];
  $password=$_POST['password'];
  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  $flag="OK";  
  $msg=""; 
 if(strlen($username) < 1)
   {
          $msg=$msg."Please enter the username<br>";
          $flag="NOTOK"; 
   }
 if(strlen($password) < 1)
   {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";  
   }
  if($flag <>"OK")
  {
    echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password  </left>"."</strong>";
  }
  else
    {
      $sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
      $result=mysql_query($sql); 
      $count= mysql_num_rows($result);
      if($count==1)
      {
            $sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
            if($info = @mysql_fetch_array($sql))
            {
                if($info['role']=='0')
                {
                    @header('location: [url]http://localhost/Project/Superadmin.php');[/url]
                } 
                else if($info['role']=='1')
                {
                    @header('location: [url]http://localhost/Project/Admin.php');[/url]
                } 
                else if($info['role']=='2')
                {
                    @header('location: [url]http://localhost/Project/User.php');[/url]
                } 
            }
            else
            {
                ob_end_flush();    
            }    
      } 
     else 
     {
           echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
     }

}
}
?>

php

Edited 11 Years Ago by mike_2000_17 because: Fixed formatting

2 Contributors
1 Reply
88 Views
13 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by webexpertzhere

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

webexpertzhere 1 Light Poster · Answer 1 · 2010-03-23T18:11:57+00:00

Check if this answers your query:

after you verify the login credentials, connect to the database.
Decide if you want to display all the details of each profile or you want to display only few details of every profile.
Depending on this change your select query accordingly.

If you want to display all the details, use
SELECT * from TABLE-NAME
where TABLE-NAME should represent the table which contains all the profile details stored

If you want to display only a few details, change your select query accordingly. Eg : You require only Name and Mobile No
SELECT Name, Mno from TABLE-NAME
where TABLE-NAME should represent the table which contains all the profile details stored and Name and Mno should be the names of the columns used.

This will retrieve the details of all the profiles stored in the table. Use a while loop to loop through the details and use a table to display the details.

Given below is a sample code for this:

<?
//Connect to the databse before performing these actions

$query = sprintf("SELECT FirstName, LastName, Email FROM $table_name");
$result = mysql_query($query);
if($result)
{
	while($row = mysql_fetch_array($result))
	{
		$fname = $row['FirstName'];
		$lname = $row['LastName'];
		$email = $row['Email'];
	?>
	<table width="99%" border="0" cellpadding="0" cellspacing="0">
		<tr>
			<td width="30%"><?php echo("$fname"); ?></td>
			<td width="30%"><?php echo("$lname"); ?></td>
			<td width="30%"><?php echo("$email"); ?></td>
		</tr>
	</table>
	<?
	}
}
?>